-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Trustix Secure Linux Security Advisory #2002-0084
Package name: tcpdump Summary: Incorrect bounds checking Date: 2002-12-19 Affected versions: TSL 1.1, 1.2, 1.5 - -------------------------------------------------------------------------- Package description: Tcpdump is a command-line tool for monitoring network traffic. Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria. Problem description: Tcpdump tries to decode packages it sees on the network to provide some information to the user. In the decoding of BGP packages, it failed to do proper bounds checking. The impact is not known, but it could at least be used to crash tcpdump. This is fixed in the 3.7.1 release of tcpdump. In addition, we have upgraded libpcap and arpwatch to resolve dependencies. Action: We recommend that all systems with this package installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system. Location: All TSL updates are available from <URI:http://www.trustix.net/pub/Trustix/updates/> <URI:ftp://ftp.trustix.net/pub/Trustix/updates/> About Trustix Secure Linux: Trustix Secure Linux is a small Linux distribution for servers. With focus on security and stability, the system is painlessly kept safe and up to date from day one using swup, the automated software updater. Automatic updates: Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'. Get SWUP from: <URI:ftp://ftp.trustix.net/pub/Trustix/software/swup/> Public testing: These packages have been available for public testing for some time. If you want to contribute by testing the various packages in the testing tree, please feel free to share your findings on the tsl-discuss mailinglist. The testing tree is located at <URI:http://www.trustix.net/pub/Trustix/testing/> <URI:ftp://ftp.trustix.net/pub/Trustix/testing/> Questions? Check out our mailing lists: <URI:http://www.trustix.net/support/> Verification: This advisory along with all TSL packages are signed with the TSL sign key. This key is available from: <URI:http://www.trustix.net/TSL-GPG-KEY> The advisory itself is available from the errata pages at <URI:http://www.trustix.net/errata/trustix-1.2/> and <URI:http://www.trustix.net/errata/trustix-1.5/> or directly at <URI:http://www.trustix.net/errata/misc/2002/TSL-2002-0084-tcpdump.asc.txt> MD5sums of the packages: - -------------------------------------------------------------------------- 824e7cf0772ba11aba56d98c08f951d6 ./1.1/RPMS/arpwatch-2.1a11-2tr.i586.rpm c95236148c009f7365f3497a14add5b4 ./1.1/RPMS/libpcap-0.7.1-2tr.i586.rpm d0eb21ecad3542f89ae88b8707359236 ./1.1/RPMS/tcpdump-3.7.1-2tr.i586.rpm 47c5a0e065911176c9b6f1569b4dee62 ./1.1/SRPMS/arpwatch-2.1a11-2tr.src.rpm a07a2aac096c3097536b9688241016ea ./1.1/SRPMS/libpcap-0.7.1-2tr.src.rpm 659a448d9c335ac09eda2b18ead701e4 ./1.1/SRPMS/tcpdump-3.7.1-2tr.src.rpm b57f1b852378665c4d2a2e17bf81d329 ./1.2/RPMS/arpwatch-2.1a11-2tr.i586.rpm c4d8b5d252ec86a1ba26919fd84e359e ./1.2/RPMS/libpcap-0.7.1-2tr.i586.rpm df7ede2ec5728304ec81edf17305a88a ./1.2/RPMS/tcpdump-3.7.1-2tr.i586.rpm 47c5a0e065911176c9b6f1569b4dee62 ./1.2/SRPMS/arpwatch-2.1a11-2tr.src.rpm a07a2aac096c3097536b9688241016ea ./1.2/SRPMS/libpcap-0.7.1-2tr.src.rpm 659a448d9c335ac09eda2b18ead701e4 ./1.2/SRPMS/tcpdump-3.7.1-2tr.src.rpm e6fba4806f2dabdfe344c735a3756206 ./1.5/RPMS/arpwatch-2.1a11-2tr.i586.rpm e4205a7ef19af19e2748faa371dc5bc9 ./1.5/RPMS/libpcap-0.7.1-2tr.i586.rpm 921390de9b10db4b2651a3cdebd00580 ./1.5/RPMS/tcpdump-3.7.1-2tr.i586.rpm 47c5a0e065911176c9b6f1569b4dee62 ./1.5/SRPMS/arpwatch-2.1a11-2tr.src.rpm a07a2aac096c3097536b9688241016ea ./1.5/SRPMS/libpcap-0.7.1-2tr.src.rpm 659a448d9c335ac09eda2b18ead701e4 ./1.5/SRPMS/tcpdump-3.7.1-2tr.src.rpm - -------------------------------------------------------------------------- Trustix Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE+AhWjwRTcg4BxxS0RAiqsAJ9yJY0dSwAJTGqub4HGVlwAR2GySACggJwk GY0JUTjt+4a3xUY+HY0uUqc= =pM84 -----END PGP SIGNATURE-----